Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker.

TPDP Episode #24: Mobile Application Security

I’m pleased to announce that the latest episode of The Polyglot Developer Podcast titled, Mobile Application Security, has been published to iTunes, Pocket Casts, and every other major podcasting network that consumes the feed!

In this episode, which is the 24th episode of the show, I’m joined by first time guest, Rob Lauer, and returning guest TJ VanToll. Both of these guests work for Progress, which is the company behind NativeScript, and you’ll remember that episode 5 was strictly around getting to know what NativeScript has to offer. The focus of this episode isn’t around NativeScript, but around the security of your mobile applications. Just like with web applications, security is important with mobile, even if it isn’t talked about as much.

In this episode you’ll learn about protecting your application source code from reverse engineering, protecting your users data at rest, and securely transferring your data between remote web services.

Read More

TPDP Episode #15: Authorizing Access with OAuth

I am pleased to announce that the latest episode of The Polyglot Developer Podcast is now available to download from all the popular podcasting networks. In this episode titled, Authorizing Access with OAuth, I’m joined by Ryan Chenkie from Auth0 to talk about OAuth and how it can be used to authorize access to your data by third-party applications.

Episode #15 can be downloaded for free from iTunes, Pocket Casts, and every other popular network, but it can also be heard below.

Read More

JWT Authentication In A Node.js Powered API

When it comes to API development, there is often a need to protect certain endpoints or rate-limit the API in general. Because you are working with endpoints from clients possibly on a different domain, you can’t authenticate users with sessions and cookies. It would also be a bad idea to pass around a username and password with each request. Typically endpoints are protected with tokens that are passed with each request and these tokens are often JSON Web Tokens (JWT) that work very well.

We’re going to see how to create a very simple API using Node.js with protected endpoints that require a valid JWT in order for requests to succeed.

Read More

Using An SSL Certificate With Apache

When you have a website that transmits information from a user to your server it is very important to encrypt it. The last thing you want is someones password being sniffed by a malicious user when they register or sign in. By using Secure Socket Layer (SSL), data is encrypted between client and server preventing any malicious users from sniffing your password in plain text.

The following will help you install an SSL certificate to one of your Apache web server virtual hosts.

Read More

Securing Your Apache phpMyAdmin Installation

If you’re using a LAMP (Linux, Apache, MySQL, PHP) stack, chances are you’re going to be using phpMyAdmin. By default, your phpMyAdmin installation is not very secure and chances are your MySQL database has a treasure trove of excellent information for a malicious user.

By following these steps, you can make it significantly tougher for your phpMyAdmin installation to be exploited.

Read More

Search

Follow Us

The Polyglot Developer

Subscribe

Subscribe to the newsletter for monthly tips and tricks on subjects such as mobile, web, and game development.

The Polyglot Developer

Support This Site